A CP-ABE scheme with system attributes revocation in cloud storage

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) access control schemes have become a hot topic in security because they are more suitable for access control mechanisms. Existing CP-ABE access control schemes in cloud environments suffer from inflexible system attribute revocation, excessive system overhead, and other issues. To address these problems, we propose a CP-ABE scheme with system attribute revocation in cloud storage, based on AB-ACER schemes and with access conditions in the access tree limited to 'AND' and 'OR'. The scheme is based on multiple minimum attribute sets that share re-encryption keys; when a system attribute is revoked, the storage service provider re-encrypts the ciphertext. The scheme not only keeps the security and fine-grained access control of the original scheme, but also has good flexibility and efficiency.
